init-request-limits

The init-request-limits function works with the obj.conf function check-request-limits to monitor
incoming requests with a given attribute. check-request-limits maintains
a table of monitored values. intit-request-limits purges
existing entries in that table according to the timeout.
This function is not required unless you want to override the default value
for the purge timeout in check-request-limits. For more
information, see check-request-limits. The
default is 300 seconds (five minutes). This function is applicable in Init-class directives.

Parameters

The following table describes the init-request-limits parameter.

Table 5–4 init-request-limits Parameter

Parameter

Description

timeout

(Optional) Sets the time in seconds after which to purge entries tracked
by check-request-limits. The default is 300 seconds (five
minutes).

An optimal value for timeout depends not only on
your performance and memory requirements but also on the check-request-limits rules you are using. When using rules containing, for example, monitor="$ip" on a busy public web site, new buckets are created
and kept for every client IP accessing the server. Because this setting potentially
creates a very large number of buckets, the expiration should be short enough
that unused entries are purged in a reasonable time.

However, to avoid removing and re-creating buckets for the same client,
do not set a timeout that is shorter than the typical or
expected client session.

If you do not use any dynamic bucket names (that is, if all monitored
values and bucket are fixed strings instead of variables, or you never specify
monitor or bucket parameters at all) there are only a fixed number of buckets.
In that case, you can disable expiration entirely by setting the timeout to zero.